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AMENDMENTS TO THE CLAIMS 



1 1 . (Currently Amended) A method of providing data from a service to a client over a 

2 telecommunication network based on encryption capabilities of the client, the method 

3 comprising the computer-implemented steps of: 

4 at an intermediate server, creating and storing a mapping that associates encryption 

5 types to a plurality of available online services, wherein each of the plurality 

6 of online services is provided by one or more of a plurality of servers: 

7 wherein the intermediate server is coupled to the client and to the plurality of servers: 

8 at the intermediate server, receiving from the client a request for data and a list of 

9 encryption types representing encryption capabilities that are available at the 

10 client; 

1 1 determining an encryption type match by matching the list of encryption types 

12 received from the chent li s t of encryption types to [[a]] the mapping of 

1 3 encryption types to a li s t of on e or more available the plurality of onHne 

14 services; 

15 selectin g, from the plurality of online services, an online service that can provide the 

16 data to the cUent[[,]] based on the encryption type match and the list of one or 

17 more available online services associated with the encryption type match^ 

18 wherein selecting the online service comprises selecting a particular server 

19 from the plurality of servers that provides the online service ; and 

20 causing communication of the data from the selected online service to the chent. 

1 2. (Original) A method as recited in Claim 1, further comprising the step of establishing 

2 a secure connection with the client, and wherein the receiving step is carried out as part of the 

3 establishing step. 

1 3. (Original) A method as recited in Claim 1, further comprising the step of establishing 

2 a secure connection with the client, and wherein the receiving step is carried out as part of the 

3 establishing step, wherein the secure connection is established using a security protocol 

4 selected from among the set consisting of SSL, PPTP, SSH, and IPSec. 
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1 4. (Previously Presented) A method as recited in Claim 1, further comprising the step of 

2 establishing a secure connection with the client, and wherein the receiving step is carried out 

3 as part of the establishing step, wherein the step of establishing the secure connection further 

4 comprises the step of establishing the secure connection with the client using a cipher suite 

5 match. 

1 5. (Original) The method as recited in Claim 1, further comprising the step of 

2 establishing a secure connection with the cUent, and wherein the receiving step is carried out 

3 as part of the establishing step, and further comprising the step of disconnecting the secure 

4 connection and reestablishing the secure connection using a cipher suite match. 

1 6. (Currently Amended) The method as recited in Claim 1 , wherein the ord e r e d mapping 

2 of encryption types to services is an ordered mapping of cipher suites to services. 

1 7. (Original) The method as recited in Claim 1 , further comprising the steps of receiving 

2 a weight value for one or more of the encryption types, and ordering the mapping of 

3 encryption types to services based on the received weight values. 

1 8. (Original) A method as recited in Claim 1 , wherein the encryption type is a cipher 

2 suite match. 

1 9. (Currently Amended) A method as recited in Claim 1, wherein the step of selecting 

2 an online service that can provide the data to the client[[,]] based the encryption type match 

3 and th e list of one or mor e availabl e onlin e o e rvic e s associated with th e e ncryption typ e 

4 match further comprises the step[[s]] of[[:]] 

5 selecting a server farm based on the online servic e, wherein the server farm includes 

6 the plurality of serversr -and 

7 sel e cting a particular server in the s e rver farm to provide the data to the client . 
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1 1 0. (Original) A method as recited in Claim 1 , wherein the step of causing 

2 communication further comprises the step of establishing a connection with a non-encrypted 

3 protocol for use in communicating a request to the selected service to cause communication 

4 of the data from the selected service to the client. 

1 11. (Currently Amended) A method of providing data from a service to a client based on 

2 encryption capabilities of the client, the method comprising the computer-implemented steps 

3 of: 

4 at an intermediate server, r eceiving an ordered mapping of cipher suite names to a 

5 pluralitv of services , wherein each of the pluralitv of services is provided bv 

6 one or more of a pluralitv of servers in a server farm : 

7 wherein the intermediate server is coupled to the client and to the pluralitv of servers 

8 in the server farm; 

9 at the intermediate server, receiving from the client a request for data and an ordered 

1 0 list of cipher suites; 

1 1 determining a cipher suite match by selecting a first conmion cipher suite in the 

12 ordered list of cipher suites and the ordered mapping of cipher suite names to 

13 services; 

14 transmitting the cipher suite match to the client; 

15 selectin g, from the pluralitv of services, the service that is associated with the cipher 

16 suite match in the ordered mapping ; 

17 selecting [[a]] the server farm based on the service; 

18 selecting a particular server from the pluralitv of servers in the server farm to provide 

19 the data to the clien t, wherein the particular server provides the service : and 

20 transmitting the data to the client. 

1 12. . (Original) A method as recited in Claim 1, wherein the mapping of encryption types 

2 to services is stored in an SSL termination module. 
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1 13. (Currently Amended) A method of providing data associated with a service to a client 

2 over a telecommunication network based on SSL encryption capabilities of the client, the 

3 method comprising the computer-implemented steps of: 

4 creating and storing, at an SSL termination device, a mapping that associates cipher 

5 suites that are supported by the SSL termination device with on e or more a 

6 pluraHty of onhne services that are accessible through the SSL termination 

7 device , wherein each of the pluralitv of services is provided bv one or more of 

8 a pluralitv of servers : 

9 wherein the SSL termination device is coupled to the client and to the pluralitv of 

10 servers; 

1 1 receiving from the cUent as part of an SSL handshake phase message, a request for 

12 data and a Hst of cipher suites that are available at the client; 

13 matching the cipher suite list received from the client to the mapping to result in 

14 identifying at least one cipher suite in common between the cipher suite list 

15 and the mapping; 

16 identifying, from based at least on the mapping, selecting an online service from the 

17 plurality of online services that c orrespondfringlls to the cipher suite in 

18 common , wherein selecting the online service comprises selecting a particular 

19 server from the plurality of servers that provides the online service : and 

20 causing communication of the data from the selected online service to the client over 

21 an SSL connection using encryption parameters as defined in the cipher suite 

22 in common. 

1 14-20. (Canceled) 



1 21. (Canceled) 

1 22. (Currently Amended) A computer-readable mediimi carrying one or more sequences 

2 of instructions for providing data from a service to a client based on encryption capabilities 
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3 of the client, which instructions, when executed by one or more processors, cause the one or 

4 more processors to carry out the steps of: 

5 at an intermediate server, creating and storing a mapping that associates encryption 

6 types to a plurality of available online services, wherein each of the plurality 

7 of online services is provided by one or more of a plurality of servers; 

8 wherein the intermediate server is coupled to the client and to the plurality of servers: 

9 at the intermediate server, receiving from the client a request for data and a list of 

10 encryption types representing encryption capabilities that are available at the 

1 1 chent; 

12 determining an encryption type match by matching the list of encryption types 

13 received from the client list of encryption types to [[a]] the mapping of 

14 encryption types to a list of one or mor e available the plurality of online 

15 services; 

16 selectin g, from the plurality of online services, an online service that can provide the 

17 data to the client[[,]] based on the encryption type match and the list of one or 

18 more availabl e online services associat e d with the e ncryption type match^ 

19 wherein selecting the online service comprises selecting a particular server 

20 from the plurality of servers that provides the online service ; and 

21 causing communication of the data from the selected online service to the client. 

1 23-24. (Canceled) 

1 25. (Currently Amended) An apparatus for providing data from a service to a client based 

2 on encryption capabiUties of the client, comprising: 

3 means for executing an intermediate server that is operable to connect to the client 

4 and to a plurality of servers; 

5 means for creating and storing, at the intermediate server, a mapping that associates 

6 encryption types to a plurality of available online services, wherein each of 

7 the plurality of online services is provided by one or more of the plurality of 

8 servers; 
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9 means for receiving from the client a request for data and a list of encryption types 

10 representing encryption capabilities that are available at the client; 

1 1 means for determining an encryption type match by matching the list of encryption 

12 types received from the client list of encryption types to [[a]] the mapping of 

13 encryption types to a list of one or more available the pluralitv of online 

14 services; 

15 means for selectin g, from the pluralitv of online services, an online service that can 

16 provide the data to the client[[,]] based on the encryption type match and th e 

17 list of one or more available online services associated with the encryption 

18 type match , wherein the means for selecting the online service comprise 

19 means for selecting a particular server from the plurality of servers that 

20 provides the online service ; and 

21 means for causing communication of the data from the selected service to the client. 

1 26. (Currently Amended) An apparatus for providing data from a service to a client based 

2 on encryption capabilities of the client, comprising: 

3 a network interface that is coupled to a data network for receiving one or more packet 

4 flows therefrom; 

5 a processor; 

6 an intermediate server which, when executed bv the processor, is operable to connect 

7 to the client and to a plurality of servers; and 

8 one or more stored sequences of instructions which, when executed by the processor, 

9 cause the processor to carry out the steps of: 

10 creating and storing, at the intermediate server, a mapping that associates 

11 encrvption tvpes to a plurality of available online services, wherein 

12 each of the plurality of online services is provided by one or more of 

13 the plurality of servers; 

14 receiving from the client a request for data and an ordered list of encryption 

15 types; 

16 determining an encryption type match by matching the list of encryption types 

17 received from the client list of e ncryption types to [[a]] the mapping of 
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encryption types to a list of one or mor e available the plurality of 
online services; 
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22 



determining a particular server from the plurality of servers to retrieve the data 
based on the encryption type match and the list of one or more 
availabl e onlin e se rvices associated with the encryption type match^ 
wherein the particular server provides the service which is selected 
from the plurality of online services : and 
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causing communication of the data from the particular server to the client. 



1 27. (Canceled) 

1 28. (Canceled) 

1 29. (New) An apparatus as recited in Claim 26, wherein the one or more stored 

2 sequences of instructions further comprise instructions which, when executed by the 

3 processor, cause the processor to carry out the step of establishing a secure connection with 

4 the client, and wherein the receiving step is carried out as part of the establishing step. 

1 30. (New) An apparatus as recited in Claim 26, wherein the one or more stored 

2 sequences of instructions fiirther comprise instructions which, when executed by the 

3 processor, cause the processor to carry out the step of establishing a secure coimection with 

4 the client, and wherein the receiving step is carried out as part of the establishing step, 

5 wherein the secure connection is established using a security protocol selected from among 

6 the set consisting of SSL, PPTP, SSH, and IPSec. 

1 31. (New) An apparatus as recited in Claim 26, wherein the one or more stored 

2 sequences of instructions fiirther comprise instructions which, when executed by the 

3 processor, cause the processor to carry out the step of establishing a secure connection with 

4 the client, and wherein the receiving step is carried out as part of the establishing step, 

5 wherein the step of establishing the secure connection further comprises the step of 

6 establishing the secure coimection with the client using a cipher suite match. 
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1 32. (New) An apparatus as recited in Claim 26, wherein the one or more stored 

2 sequences of instructions further comprise instructions which, when executed by the 

3 processor, cause the processor to carry out the step of estabUshing a secure connection with 

4 the client, and wherein the receiving step is carried out as part of the establishing step, and 

5 further comprising the step of disconnecting the secure connection and reestablishing the 

6 secure connection using a cipher suite match. 

1 33. (New) An apparatus as recited in Claim 26, wherein the mapping of encryption types 

2 to services is an ordered mapping of cipher suites to services. 

1 34. (New) An apparatus as recited in Claim 26, wherein the one or more stored 

2 sequences of instructions further comprise instructions which, when executed by the 

3 processor, cause the processor to carry out the steps of receiving a weight value for one or 

4 more of the encryption types, and ordering the mapping of encryption types to services based 

5 on the received weight values. 

1 35. (New) An apparatus as recited in Claim 26, wherein the encryption type is a cipher 

2 suite match. 

1 36. (New) An apparatus as recited in Claim 26, wherein the instructions that cause the 

2 processor to carry out the step of selecting an online service that can provide the data to the 

3 client based the encryption type match further comprise instructions which, when executed 

4 by the processor, cause the processor to carry out the step of selecting a server farm based on 

5 the online service, wherein the server farm includes the plurality of servers. 

1 37. (New) An apparatus as recited in Claim 26, wherein the instructions that cause the 

2 processor to carry out the step of causing communication further comprise instructions 

3 which, when executed by the processor, cause the processor to carry out the step of 

4 establishing a connection with a non-encrypted protocol for use in communicating a request 
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5 to the selected service to cause communication of the data from the selected service to the 

6 client. 

1 38. (New) An apparatus as recited in Claim 26, further comprising an SSL termination 

2 module that is operable to store the mapping of encryption types to services. 

1 39. (New) An apparatus as recited in Claim 25, further comprising means for 

2 establishing a secure connection with the client, wherein the means for establishing the 

3 secure connection include the means for receiving the request from the client. 

1 40. (New) An apparatus as recited in Claim 25, further comprising means for 

2 establishing a secure connection with the client, wherein the means for establishing the 

3 secure connection include the means for receiving the request from the client, wherein the 

4 secure connection is established using a security protocol selected from among the set 

5 consisting of SSL, PPTP, SSH, and IPSec. 

1 41. (New) An apparatus as recited in Claim 25, further comprising means for 

2 estabhshing a secure connection with the client, wherein the means for establishing the 

3 secure connection include the means for receiving the request from the client, wherein the 

4 means for establishing the secure connection further comprise means for establishing the 

5 secure connection with the client using a cipher suite match. 



1 42. (New) An apparatus as recited in Claim 25, further comprising: 

2 means for establishing a secure connection with the client, wherein the means for 

3 establishing the secure connection include the means for receiving the request 

4 from the client; and 

5 means for disconnecting the secure connection and reestablishing the secure 

6 connection using a cipher suite match. 

1 43. (New) An apparatus as recited in Claim 25, wherein the mapping of encryption types 



2 to services is an ordered mapping of cipher suites to services. 
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1 44. (New) An apparatus as recited in Claim 25, further comprising means for receiving a 

2 weight value for one or more of the encryption types and means for ordering the mapping of 

3 encryption types to services based on the received weight values. 

1 45. (New) An apparatus as recited in Claim 25, wherein the encryption type is a cipher 

2 suite match. 

1 46. (New) An apparatus as recited in Claim 25, wherein the means for selecting an online 

2 service that can provide the data to the client based the encryption type match further 

3 comprise means for selecting a server farm based on the online service, wherein the server 

4 farm includes the plurality of servers. 

1 47. (New) An apparatus as recited in Claim 25, wherein the means for causing 

2 communication further comprise means for establishing a connection with a non-encrypted 

3 protocol for use in communicating a request to the selected service to cause communication 

4 of the data from the selected service to the client. 

1 48, (New) An apparatus as recited in Claim 25, further comprising an SSL termination 

2 module that is operable to store the mapping of encryption types to services. 

1 49. (New) An apparatus for providing data from a service to a client based on encryption 

2 capabilities of the client, comprising: 

3 means for executing an intermediate server that is operable to connect to the client 

4 and to a pluraUty of servers in a server farm; 

5 means for receiving an ordered mapping of cipher suite names to a plurality of 

6 services, wherein each of the plurality of services is provided by one or more 

7 of the plurality of servers in the server farm; 

8 means for receiving from the client a request for data and an ordered list of cipher 

9 suites; 
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10 means for determining a cipher suite match by selecting a first conmion cipher suite 

11 in the ordered list of cipher suites and the ordered mapping of cipher suite 

12 names to services; 

13 means for transmitting the cipher suite match to the client; 

14 means for selecting, from the plurality of services, the service that is associated with 

1 5 the cipher suite match in the ordered mapping; 

16 means for selecting the server farm based on the service; 

17 means for selecting a particular server from the plurality of servers in the server farm 

18 to provide the data to the client, wherein the particular server provides the 

19 service; and 

20 means for transmitting the data to the client. 

1 50. (New) An apparatus for providing data from a service to a client over a 

2 telecommunication network based on Secure Socket Layer (SSL) encryption capabilities of 

3 the client, comprising: 

4 an SSL termination device that is operable to connect to the client and to a plurality of 

5 servers; 

6 means for creating and storing, at the SSL termination device, a mapping that 

7 associates cipher suites that are supported by the SSL termination device with 

8 a plurality of online services that are accessible through the SSL termination 

9 device, wherein each of the plurality of services is provided by one or more of 

10 the plurality of servers; 

1 1 means for receiving from the client as part of an SSL handshake phase message, a 

12 request for data and a list of cipher suites that are available at the client; 

13 means for matching the cipher suite list received from the client to the mapping to 

14 result in identifying at least one cipher suite in common between the cipher 

15 suite list and the mapping; 

16 means for selecting, based at least on the mapping, an online service from the 

17 plurality of online services that corresponds to the cipher suite in common, 

18 wherein the means for selecting the onhne service comprise means for 
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19 selecting a particular server from the plurality of servers that provides the 

20 online service; and 

21 means for causing communication of the data from the selected online service to the 

22 client over an SSL connection using encryption parameters as defined in the 

23 cipher suite in common. 
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